Cisco Cisco MDS 9500 Series Supervisor-2 Module Libro blanco
© 2006 Cisco Systems, Inc. All rights reserved.
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.
Page 10 of 16
•
High-performance encryption and decryption are available on MPS-14/2 modules and the Cisco MDS 9216i Fabric Switch through IP Security
(IPSec) authentication, data integrity, and hardware-assisted encryption. Encryption and decryption using AES128 is supported at wire rate and
can be used to transport sensitive storage traffic over untrusted WAN links.
can be used to transport sensitive storage traffic over untrusted WAN links.
•
Where higher levels of performance or resiliency are necessary, PortChannels can be used to bundle up to 16 physical Gigabit Ethernet interfaces
across multiple modules, providing up to 16 Gbps of IP SAN extension throughput. Individual interfaces can be added and removed from
a PortChannel bundle in a nondisruptive manner, without affecting the flow of traffic.
a PortChannel bundle in a nondisruptive manner, without affecting the flow of traffic.
Up to three FCIP tunnels can be enabled per Gigabit Ethernet interface, allowing for point-to-multipoint IP SAN extension. FCIP can be enabled
on Cisco MDS 9000 Family switches using 8-port IP services modules, 4-port IP services modules, 2-port IP + 14-port Fibre Channel multiprotocol
services modules.
SAMPLE SAN DESIGNS
The maximum number of end ports required over the lifespan of a SAN design, desired oversubscription ratio between hosts and storage, and
the maximum port count available on a single physical switch are the primary factors that determine the optimal type of topology for a given SAN
design.
Generally speaking, SAN designs fit into two distinct categories:
•
SAN designs that can be built using a single physical switch—SAN designs that can be built using a single physical switch are commonly
referred to as collapsed core designs. This terminology refers to the fact that a design is conceptually a core/edge design, making use of core ports
(non over-subscribed) and edge ports (over-subscribed) but that it has been collapsed into a single physical switch. Traditionally, a collapsed core
design on Cisco MDS 9000 Family switches would utilize both non over-subscribed (storage) and over-subscribed (host-optimized) line-cards.
With the introduction of second-generation line-card modules, collapsed core designs can now be built using a single type of line-card
(for example, a 48-port linecard), in conjunction with the port bandwidth reservation feature.
(non over-subscribed) and edge ports (over-subscribed) but that it has been collapsed into a single physical switch. Traditionally, a collapsed core
design on Cisco MDS 9000 Family switches would utilize both non over-subscribed (storage) and over-subscribed (host-optimized) line-cards.
With the introduction of second-generation line-card modules, collapsed core designs can now be built using a single type of line-card
(for example, a 48-port linecard), in conjunction with the port bandwidth reservation feature.
•
SAN designs that require multiple physical switches to meet the port count and oversubscription requirements—Multiple design choices
are available for multiswitch fabrics, with the most common design being one of a structured core/edge design. In a core/edge design, storage is
always put in the core, and hosts are always attached at the edge. This design is considered structured because SAN traffic flows are typically not
peer-to-peer but instead many-to-one (hosts to storage). In addition to core/edge, other common designs available include edge/core/edge (storage
edge, core, host edge), used where core/edge provides insufficient scalability and an additional edge tier is necessary to handle the large number
of devices; collapsed edge, where the design uses three tiers but the two edge layers are collapsed into the same physical switches (enabled
through mixing over-subscribed and non over-subscribed linecards in the edge layer); cascaded; ring; and mesh topologies.
always put in the core, and hosts are always attached at the edge. This design is considered structured because SAN traffic flows are typically not
peer-to-peer but instead many-to-one (hosts to storage). In addition to core/edge, other common designs available include edge/core/edge (storage
edge, core, host edge), used where core/edge provides insufficient scalability and an additional edge tier is necessary to handle the large number
of devices; collapsed edge, where the design uses three tiers but the two edge layers are collapsed into the same physical switches (enabled
through mixing over-subscribed and non over-subscribed linecards in the edge layer); cascaded; ring; and mesh topologies.
Rather than describing every possible type of topology in detail, this paper only provides examples for collapsed core (single switch) and structured
core/edge (multiple switch) designs. While there is nothing inherently wrong in other storage topologies, the high port density offered by the Cisco
MDS 9513 Multilayer Director can be used with these two types of designs to address even the largest SAN deployments in the world.
Although all SAN designs focus on the end goal of what the SAN would look like at its maximum configuration, this does not mean that all
equipment needs to be provisioned initially. Rather, SAN designs grow to their maximum configuration and typically start out with a minimal
number of switches and linecards. As the SAN design grows, the equipment list incrementally grows with it.
SAN designs should always use two isolated fabrics for high availability, with both hosts and storage connecting to both fabrics. Multipathing
software should be deployed on the hosts to manage connectivity between the host and storage so that I/O uses both paths, and there is non-
disruptive failover between fabrics in the event of a problem in one fabric. Fabric isolation can be achieved using either VSANs, or dual physical
switches. Both provide separation of fabric services, although it could be argued that multiple physical fabrics provide increased physical protection
(e.g. protection against a sprinkler head failing above a switch) and protection against equipment failure. Cisco MDS 9500 Series Director switches
are fully redundant internally with no single point of failure. They are built to exceed 99.999 percent uptime, thus equipment failure is unlikely.
Experience shows us that the majority of outages are as a result of human error rather then equipment failure or environmental factors (power, heat,
water).